RE: ACL to permit Multicast from Aundra Browning on 2009-09-13 (Ccielab archives 09/2009)

From: Aundra Browning <aundra.browning_at_earthlink.net>
Date: Sun, 13 Sep 2009 17:19:43 -0400

Hi Guys....

Just have to be careful here - assuming we are referring to matching IP
Multicast traffic w/an ACL.....you would have to match on the destination
address as 224.0.0.0 - 239.255.255.255 wouldn't be a source address. Think
the below was meant to show:

permit ip any 224.0.0.0 15.255.255.255

Hth...

Aundra (Andre) Browning
CCIE #21901 (R&S)

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Joe
Astorino
Sent: Sunday, September 13, 2009 3:34 PM
To: Lejoe
Cc: Steve Lyons; Mohamed El Henawy; Cisco certification
Subject: Re: ACL to permit Multicast

this is always a good one as well to permit the entire IP multicast range...
permit ip 224.0.0.0 15.255.255.255

On Sun, Sep 13, 2009 at 9:16 AM, Lejoe <styran_at_gmail.com> wrote:

> Hi,
>
> Adding to Steve's post,
> - CGMP frames are Ethernet frames, so you cant match it in an IP ACL.
>
>
>
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note0918
6a00800b0871.shtml#cgmp
> - MSDP (TCP port 639)
> - MOSPF (Multicast Extensions to OSPF)
> - Auto-RP, BSR, Anycast RP ( All use PIM + IGP)
> - IPv6 MLD ( uses ICMPv6, IP protocol 58)
> http://www.faqs.org/rfcs/rfc2710.html
>
> HTH
>
> Lejoe
>
>
>
> On Sun, Sep 13, 2009 at 10:58 PM, Steve Lyons <charter21p5_at_gmail.com>
> wrote:
>
> > Copying Group:
> >
> > PIM is only one protocol within the suite of protocols. Keep in mind
> there
> > is also CGMP, IGMP, MSDP, MOSPF, Auto-RP, BSR, Anycast-RP, and in IPV6
> MLD.
> > There are also a range of multicast addresses you could allow:
> >
> > http://www.iana.org/assignments/multicast-addresses/
> >
> > Steve Lyons
> >
> > On Sun, Sep 13, 2009 at 7:43 AM, Mohamed El Henawy <m.henawy_at_link.net
> > >wrote:
> >
> > > Assuming that the Source ip is already permitted ofcourse
> > >
> > >
> > > ----- Original Message -----
> > > From: Mohamed El Henawy
> > > To: Cisco certification
> > > Sent: Sunday, September 13, 2009 2:32 PM
> > > Subject: ACL to permit Multicast
> > >
> > >
> > > Hello Group ,
> > >
> > > short question...
> > > if I need to permit multicast on the interface is access-list x
> permit
> > > pim
> > > any any is enough ?
> > >
> > >
> > > Thanks :)
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > >
Received on Sun Sep 13 2009 - 17:19:43 ART

This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:03 ART